Hi All,
It's been a little while since I deployed a WSA and I see a new tool, the Active Directoy Agent. I understand from the docs it's used to get usernames from AD for the current logged on user when using NTLM authentication for transparent auth.
My question is why?!
When I last set up a WSA with NTLM for transparent auth we didn't have to use the Agent. NTLM revealed the username as part of what it does and we could use that to bind sessions with access policies, etc.
Yet the docs say:
"Create an NTLM authentication realm and enable transparent user identification.
In addition, you must deploy a separate utility called the Cisco Active Directory Agent (AD Agent). "
So, why is that? What does the agent get me that I didn't use to get? Do I really have to use it?
Thanks all!